we have a client that I am going to have to do a migration for. Currently, we have on-prem vmware environment with backend encryption storage at rest. Their requirement is that it be encrypted in AWS. Does Zerto have the ability to enforce encryption of all ebs volumes that are failed over at the point of failover. It looks like the importers create the disks as the data is imported from S3. We will be using the (fastest failover method) at this point unless other issues arise.
We support the use of an encrypted S3 bucket for encryption at rest during the replication, however you would require a Zerto tweak to enable this support as it is not out of the box.
Regarding the ability to then recover to encrypted EBS volumes by default, this would have to be configured post recovery. Unfortunately AWS do not provide any easy way to do this, but the process they recommend is covered here: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_considerations.